Phishing is one of the fastest growing forms of fraud that is prevalent on the Internet today. Phishing attacks typically involve sending fraudulent e-mails to individuals in order to solicit sensitive information such as confidential personal information, account numbers, social security numbers, and passwords from the recipients. The e-mails appear to come from a legitimate company such as a bank, retailer or other e-commerce business. The information obtained from unsuspecting individuals are used for fraudulent purposes, for example, to access the person's account or use the person's identity information to facilitate further fraud with other parties—for instance, to deceive other parties into believing that they are dealing with that person.
Phishing attacks typically use a false “from” address, copies of company logos, Web links, and graphics to make the e-mails look like the genuine e-mails from the companies with which the recipients of the e-mails have business dealings, thus taking advantage of customer trust in the company's identity and brand names. To trick the recipient into believing that the source of the communication is the genuine company, phishing attacks use the company's logo from the company's website or the company's website links in the e-mails or communications. It is apparent then that such phishing attacks result in serious damages to the company's reputation to say nothing of the undermining effect it has on general e-commerce business.